feat: allow for configuring security context of all components (#410)

charts/argo/templates/server-deployment.yaml

@@ -26,6 +26,10 @@ spec:
 {{ toYaml .Values.server.podAnnotations | indent 8}}{{- end }}
     spec:
       serviceAccountName: {{ .Values.server.serviceAccount | quote }}
+      {{- if .Values.server.podSecurityContext }}
+      securityContext:
+        {{- toYaml .Values.server.podSecurityContext | nindent 8 }}
+      {{- end }}
       containers:
         - name: argo-server
           args:

charts/argo/templates/workflow-controller-config-map.yaml

@@ -16,7 +16,7 @@ data:
     {{- end }}
     {{- end }}
     containerRuntimeExecutor: {{ .Values.controller.containerRuntimeExecutor }}
-    {{- if or .Values.executor.resources .Values.executor.env }}
+    {{- if or .Values.executor.resources .Values.executor.env .Values.executor.securityContext}}
     executor:
       {{- with .Values.executor.resources }}
       resources: {{- toYaml . | nindent 8 }}
@@ -24,6 +24,9 @@ data:
       {{- with .Values.executor.env }}
       env: {{- toYaml . | nindent 8 }}
       {{- end }}
+      {{- with .Values.executor.securityContext }}
+      securityContext: {{- toYaml . | nindent 8 }}
+      {{- end }}
     {{- end }}
     {{- if or .Values.minio.install .Values.useDefaultArtifactRepo }}
     artifactRepository:

charts/argo/templates/workflow-controller-deployment.yaml

@@ -26,6 +26,10 @@ spec:
 {{ toYaml .Values.controller.podAnnotations | indent 8}}{{- end }}
     spec:
       serviceAccountName: {{ .Values.controller.serviceAccount | quote }}
+      {{- if .Values.controller.podSecurityContext }}
+      securityContext:
+        {{- toYaml .Values.controller.podSecurityContext | nindent 8 }}
+      {{- end }}
       containers:
         - name: controller
           image: "{{ .Values.images.namespace }}/{{ .Values.images.controller }}:{{ default .Values.images.tag .Values.controller.image.tag }}"